exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 11

CVE-2025-61594

около 1 месяца назад

URI is a module providing classes to handle Uniform Resource Identifiers. In versions prior to 0.12.5, 0.13.3, and 1.0.4, a bypass exists for the fix to CVE-2025-27221 that can expose user credentials. When using the `+` operator to combine URIs, sensitive information like passwords from the original URI can be leaked, violating RFC3986 and making applications vulnerable to credential exposure. Versions 0.12.5, 0.13.3, and 1.0.4 fix the issue.

EPSS: Низкий

CVE-2025-61594

около 1 месяца назад

EPSS: Низкий

CVE-2025-61594

около 1 месяца назад

URI Credential Leakage Bypass over CVE-2025-27221

EPSS: Низкий

CVE-2025-61594

около 1 месяца назад

URI is a module providing classes to handle Uniform Resource Identifie ...

EPSS: Низкий

GHSA-j4pr-3wm6-xx2r

около 1 месяца назад

URI Credential Leakage Bypass over CVE-2025-27221

EPSS: Низкий

RLSA-2025:23141

около 1 месяца назад

Moderate: ruby security update

EPSS: Низкий

RLSA-2025:23063

около 1 месяца назад

Moderate: ruby:3.3 security update

EPSS: Низкий

RLSA-2025:23062

около 1 месяца назад

Moderate: ruby:3.3 security update

EPSS: Низкий

ELSA-2025-23141

около 2 месяцев назад

ELSA-2025-23141: ruby security update (MODERATE)

EPSS: Низкий

ELSA-2025-23063

около 2 месяцев назад

ELSA-2025-23063: ruby:3.3 security update (MODERATE)

EPSS: Низкий

ELSA-2025-23062

около 2 месяцев назад

ELSA-2025-23062: ruby:3.3 security update (MODERATE)

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	EPSS	Опубликовано
CVE-2025-61594 URI is a module providing classes to handle Uniform Resource Identifiers. In versions prior to 0.12.5, 0.13.3, and 1.0.4, a bypass exists for the fix to CVE-2025-27221 that can expose user credentials. When using the `+` operator to combine URIs, sensitive information like passwords from the original URI can be leaked, violating RFC3986 and making applications vulnerable to credential exposure. Versions 0.12.5, 0.13.3, and 1.0.4 fix the issue.	0% Низкий	около 1 месяца назад
CVE-2025-61594 URI is a module providing classes to handle Uniform Resource Identifiers. In versions prior to 0.12.5, 0.13.3, and 1.0.4, a bypass exists for the fix to CVE-2025-27221 that can expose user credentials. When using the `+` operator to combine URIs, sensitive information like passwords from the original URI can be leaked, violating RFC3986 and making applications vulnerable to credential exposure. Versions 0.12.5, 0.13.3, and 1.0.4 fix the issue.	0% Низкий	около 1 месяца назад
CVE-2025-61594 URI Credential Leakage Bypass over CVE-2025-27221	0% Низкий	около 1 месяца назад
CVE-2025-61594 URI is a module providing classes to handle Uniform Resource Identifie ...	0% Низкий	около 1 месяца назад
GHSA-j4pr-3wm6-xx2r URI Credential Leakage Bypass over CVE-2025-27221	0% Низкий	около 1 месяца назад
RLSA-2025:23141 Moderate: ruby security update		около 1 месяца назад
RLSA-2025:23063 Moderate: ruby:3.3 security update		около 1 месяца назад
RLSA-2025:23062 Moderate: ruby:3.3 security update		около 1 месяца назад
ELSA-2025-23141 ELSA-2025-23141: ruby security update (MODERATE)		около 2 месяцев назад
ELSA-2025-23063 ELSA-2025-23063: ruby:3.3 security update (MODERATE)		около 2 месяцев назад
ELSA-2025-23062 ELSA-2025-23062: ruby:3.3 security update (MODERATE)		около 2 месяцев назад

Уязвимостей на страницу